Lucene search
K

89 matches found

CNNVD
CNNVD
added 2024/07/09 12:0 a.m.2 views

WordPress plugin Default Thumbnail Plus security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

8.8CVSS6.8AI score0.00786EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/07/04 12:0 a.m.4 views

PT-2024-37539 · WordPress · Imgspider

Name of the Vulnerable Software and Affected Versions: IMGspider plugin for WordPress versions up to, and including, 2.3.10 Description: The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the upload img file function. This makes it...

8.8CVSS8.1AI score0.00939EPSS
Exploits0References10
EUVD
EUVD
added 2024/06/14 12:51 p.m.5 views

EUVD-2024-26994

The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handlefoldersfileupload' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with author access and above, to upload...

8.8CVSS7.2AI score0.03303EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.4 views

WordPress plugin All-in-One Video Gallery 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in t...

8.8CVSS6.4AI score0.01558EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/10/19 12:0 a.m.4 views

PT-2023-11848 · WordPress · Simple:Press

Name of the Vulnerable Software and Affected Versions: The Simple:Press – WordPress Forum Plugin for WordPress versions up to, and including, 6.6.0 Description: The issue is related to arbitrary file uploads due to missing file type validation in the...

9.8CVSS9.6AI score0.01818EPSS
Exploits1References8
CNNVD
CNNVD
added 2023/06/07 12:0 a.m.5 views

WordPress Plugin Delete All Comments 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

9.8CVSS8.5AI score0.02326EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/06/07 12:0 a.m.5 views

PT-2023-15935 · WordPress · Adsanity

Name of the Vulnerable Software and Affected Versions: AdSanity plugin for WordPress versions up to, and including, 1.8.1 Description: The issue is related to missing file type validation in the ajax upload function, allowing authenticated attackers with Contributor+ level privileges to upload...

8.8CVSS8.7AI score0.02196EPSS
Exploits1References8
OSV
OSV
added 2021/07/21 3:16 p.m.4 views

CVE-2021-34619

The WooCommerce Stock Manager WordPress plugin is vulnerable to Cross-Site Request Forgery leading to Arbitrary File Upload in versions up to, and including, 2.5.7 due to missing nonce and file validation in the /woocommerce-stock-manager/trunk/admin/views/import-export.php file...

8.8CVSS5.8AI score0.00719EPSS
Exploits2References2
VulnCheck KEV
VulnCheck KEV
added 2020/07/07 12:0 a.m.4 views

VulnCheck KEV: CVE-2020-36705

The Adning Advertising plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ninguploadimage function in versions up to, and including, 1.5.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

9.8CVSS7.4AI score0.06944EPSS
Exploits1References1
Rows per page
Query Builder